Zero Day MonitorZDM
DashboardVulnerabilitiesTrendingZero-DaysNewsAbout
Login
ImpressumPrivacy Policy
Zero Day Monitor © 2026
2839 articles · 175149 vulns · 37/41 feeds (7d)
← Back to list
7.4
CVE-2026-54429PATCHED
siemens · simatic s7-plcsim advanced

CVE-2026-54429: A vulnerability has been identified in SIMATIC S7-PLCSIM Advanced (All versions). Affected devices do not properly handl

Description

A vulnerability has been identified in SIMATIC S7-PLCSIM Advanced (All versions). Affected devices do not properly handle high-volume multicast network traffic, which can exhaust available memory resources in the affected application. This could allow an unauthenticated attacker on the local network segment to cause a denial-of-service condition of the affected application. The affected application becomes inaccessible and requires a manual restart; no project data is lost. Successful exploitation requires a specific project configuration to be already active on the targeted instance.

Affected Products

VendorProductVersions
siemenssimatic s7-plcsim advanced0

Also Affects

Downstream vendors/products affected by this vulnerability

VendorProductSourceConfidence
siemenssimatic s7cert_advisory90%

References

  • https://cert-portal.siemens.com/productcert/html/ssa-828211.html

Related News (2 articles)

Tier C
VulDB5h ago
CVE-2026-54429 | Siemens SIMATIC S7-PLCSIM Advanced Project Configuration allocation of resources (ssa-828211)
→ No new info (linked only)
Tier B
BSI Advisories5h ago
[NEU] [mittel] Siemens SIMATIC S7: Schwachstelle ermöglicht Denial of Service
→ No new info (linked only)
CVSS 3.17.4 HIGH
VectorCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
CISA KEV❌ No
Actively exploited❌ No
Patch available
*
CWECWE-770
PublishedJul 14, 2026
Last enriched4h agov2
Trending Score38
Source articles2
Independent2
Info Completeness9/14
Missing: epss, kev, exploit, iocs, mitre_attack

Community Vote

0
Login to vote
0 upvotes0 downvotes
No votes yet

Related CVEs (5)

MEDIUMCVE-2025-40945EXP
CVE-2025-40945: A vulnerability has been identified in COMOS V10.4.5 (All versions < V10.4.5.0.2), COMOS V10.6 (All versions < V10.6.1),
Trending: 47
CRITICALCVE-2026-56451
CVE-2026-56451: A vulnerability has been identified in Opcenter X (All versions < V2604). Affected applications do not properly validate
Trending: 44
HIGHCVE-2026-54801EXP
CVE-2026-54801: A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V26.20), SICORE Base syst
Trending: 31
MEDIUMCVE-2026-54799EXP
CVE-2026-54799: A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V26.20), SICORE Base syst
Trending: 29
MEDIUMCVE-2026-54798EXP
CVE-2026-54798: A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V26.20), SICORE Base syst
Trending: 26

Pin to Dashboard

Verification

State: unverified
Confidence: 0%

Vulnerability Timeline

CVE Published
Jul 14, 2026
Discovered by ZDM
Jul 14, 2026
Updated: description
Jul 14, 2026
Patch Available
Jul 14, 2026

Version History

v2
Last enriched 4h ago
v2Tier C4h ago

Updated description with new details about the Project Configuration Handler and confirmed that no exploit is available.

description
via VulDB
v15h ago

Initial creation